
Suppose we had an equation like:

A * x ≡ B mod C
**If A was coprime to C**
i.e. gcd(A,C)=1
To solve for x we would multiply both sides by the modular inverse of A mod C
A * A^-1 * x ≡ B * A^-1 mod C
But A * A^-1 mod C = 1
1 * x ≡ B * A^-1 mod C
And 1 * x mod C = x
x ≡ B * A^-1 mod C
e.g.
5 * x ≡ 2 mod 14
5 is coprime with 14, so 5 has an inverse mod 14
5 * 5^-1 * x ≡ 2 * 5^-1 mod 14
1 * x ≡ 2 * 5^-1 mod 14
x ≡ 2 * 5^-1 mod 14
5^-1 mod 14 is 3, since 3 * 5 mod 14 = 15 mod 14 = 1
x ≡ 2 * 3 mod 14
x ≡ 6 mod 14

Equivalent Statements
Before proceeding, it's important to remember that the following statements are equivalent:

A ≡ B (mod C)

A mod C ≡ B mod C

C | (A - B) (The | symbol means divides, or is a factor of)

A = B + K · C (where K is some integer)

This lets us move back and forth between different forms of expressing the same idea.
For example the following are equivalent:

13 ≡ 23 (mod 5)

13 mod 5 ≡ 23 mod 5

5 | (13 - 23), (5 | -10, which is true since 5 × -2 = -10)

13 = 23 + K · 5. We can satisfy this with K = -2: 13 = 23 + (-2) × 5

Congruence Modulo is an Equivalence Relation


Convince yourself that the slices used in the previous example have the following properties:

Every pair of values in a slice are related to each other

We will never find a value in more than one slice (slices are mutually disjoint)

If we combine all the slices together they would form a pie containing all of the
values

A pie with slices that have these properties has an equivalence relation.
An equivalence relation defines how we can cut up our pie (how we partition our set of
values) into slices (equivalence classes).
In general, equivalence relations must have these properties:

The pie: A collection of all the values we are interested in

A slice of pie: An equivalence class

How we cut the pie into slices: equivalence relation

Specifically, for our previous example:

The pie: The collection of all integers

A slice of pie labelled B: Equivalence class where all the values mod C = B

How we cut the pie into slices: Using the congruence modulo C relation, ≡ (mod C)

This is why we say that Congruence modulo C is an equivalence relation. It partitions the
integers into C different equivalence classes.

Why do we care that congruence modulo C is an equivalence relation?
Knowing that congruence modulo C is an equivalence relation lets us know about some
properties that it must have.
Equivalence relations are relations that have the following properties:

They are reflexive: A is related to A

They are symmetric: if A is related to B, then B is related to A

They are transitive: if A is related to B and B is related to C then A is related to C

Since congruence modulo is an equivalence relation for (mod C), this means:

A ≡ A (mod C)

if A ≡ B (mod C) then B ≡ A (mod C)

if A ≡ B (mod C) and B ≡ D (mod C) then A ≡ D (mod C)

Example
Let's apply these properties to a concrete example using mod 5:

3 ≡ 3 (mod 5) (reflexive property)

if 3 ≡ 8 (mod 5) then 8 ≡ 3 (mod 5) (symmetric property)

if 3 ≡ 8 (mod 5) and if 8 ≡ 18 (mod 5) then 3 ≡ 18 (mod 5) (transitive property)

What level of math is this? I think it would be interesting to know whether you would learn
this in high school, college, or even farther on than that.
27 Votes
3 years ago by Zachary Mass
Here in Oregon I was seeing it for the first time at university in a Computer Science Discrete
Mathematics course, 2nd year course.
14 Votes
2 years ago by david.knepprath
Amazing stuff!
Can you post some examples of the type
x^3+7x^2+7x+5= 0 Mod 11
6 Votes
3 years ago by Nils Eriksson
x^3+7x^2+7x+5 ≡ 0 (mod 11)
Solve for x.
The key to solving a problem like this is recognizing the properties for modulo arithmetic
under multiplication.
(A * B) mod C = (A mod C * B mod C) mod C
So when we look at the x^3 term in the expression, we can say:
x * x * x mod 11 = (x mod 11 * x mod 11 * x mod 11) mod 11
similarly for the 7x^2 term we have
7 * x * x mod 11 = (7 mod 11 * x mod 11 * x mod 11) mod 11
similarly for the 7x term we have
7x mod 11 = (7 mod 11 * x mod 11) mod 11

Let's explore the addition property of modular arithmetic:

(A + B) mod C = (A mod C + B mod C) mod C


Example:
Let A=14, B=17, C=5
Let's verify: (A + B) mod C = (A mod C + B mod C) mod C
LHS = Left Hand Side of the Equation
RHS = Right Hand Side of the Equation
LHS = (A + B) mod C
LHS = (14 + 17) mod 5
LHS = 31 mod 5
LHS = 1
RHS = (A mod C + B mod C) mod C
RHS = (14 mod 5 + 17 mod 5) mod 5
RHS = (4 + 2) mod 5
RHS = 1
LHS = RHS = 1
Intuition Behind Modular Addition

Observe the figure below. If we want to calculate 12+9 mod 7 we can easily go around the
modular circle for a sequence of 12+9 steps clockwise (as shown in the bottom left circle).

We can take a shortcut by observing that every 7 steps we end up in the same position on the
modular circle. These complete loops around the modular circle don't contribute to our
final position. We ignore these complete loops around the circle by calculating each
number mod 7 (as shown in the two upper modular circles). This will give us the number of
clockwise steps, relative to 0, that contributed to each of their final positions around the
modular circle.
Now, we only have to go around the circle clockwise the total number of steps that
contributed to each number's final position (as shown in the bottom right modular circle).
This method applies, in general, to any two integers and any modular circle.
Proof for Modular Addition

We will prove that (A + B) mod C = (A mod C + B mod C) mod C


We must show that LHS=RHS
From the quotient remainder theorem we can write A and B as:
A = C * Q1 + R1 where 0 ≤ R1 < C and Q1 is some integer. A mod C = R1
B = C * Q2 + R2 where 0 ≤ R2 < C and Q2 is some integer. B mod C = R2
(A + B) = C * (Q1 + Q2) + R1+R2
LHS = (A + B) mod C
LHS = (C * (Q1 + Q2) + R1+ R2) mod C
We can eliminate the multiples of C when we take the mod C
LHS = (R1 + R2) mod C
RHS = (A mod C + B mod C) mod C
RHS = (R1 + R2) mod C
LHS=RHS= (R1 + R2) mod C
Modular Subtraction

A very similar proof holds for modular subtraction


(A - B) mod C = (A mod C - B mod C) mod C
Let's explore the multiplication property of modular arithmetic:

(A * B) mod C = (A mod C * B mod C) mod C


Example for Multiplication:
Let A=4, B=7, C=6
Let's verify: (A * B) mod C = (A mod C * B mod C) mod C
LHS = Left Hand Side of the Equation

RHS = Right Hand Side of the Equation


LHS = (A * B) mod C
LHS = (4 * 7) mod 6
LHS = 28 mod 6
LHS = 4
RHS = (A mod C * B mod C) mod C
RHS = (4 mod 6 * 7 mod 6) mod 6
RHS = (4 * 1) mod 6
RHS = 4 mod 6
RHS = 4
LHS = RHS = 4

Proof for Modular Multiplication


We will prove that (A * B) mod C = (A mod C * B mod C) mod C
We must show that LHS = RHS
From the quotient remainder theorem we can write A and B as:
A = C * Q1 + R1 where 0 ≤ R1 < C and Q1 is some integer. A mod C = R1
B = C * Q2 + R2 where 0 ≤ R2 < C and Q2 is some integer. B mod C = R2
LHS = (A * B) mod C
LHS = ((C * Q1 + R1) * (C * Q2 + R2)) mod C
LHS = (C * C * Q1 * Q2 + C * Q1 * R2 + C * Q2 * R1 + R1 * R2) mod C
LHS = (C * (C * Q1 * Q2 + Q1 * R2 + Q2 * R1) + R1 * R2) mod C
We can eliminate the multiples of C when we take the mod C
LHS = (R1 * R2) mod C
Next let's do the RHS

RHS = (A mod C * B mod C) mod C


RHS = (R1 * R2 ) mod C
Therefore RHS = LHS
LHS = RHS = (R1 * R2 ) mod C
Finally, let's explore the exponentiation property:

A^B mod C = ( (A mod C)^B ) mod C


Often we want to calculate A^B mod C for large values of B.
Unfortunately, A^B becomes very large for even modest sized values for B.

How can we calculate A^B mod C quickly if B is a power of 2?
Using modular multiplication rules:
i.e. A^2 mod C = (A * A) mod C = ((A mod C) * (A mod C)) mod C
We can use this to calculate 7^256 mod 13 quickly
7^1 mod 13 = 7
7^2 mod 13 = (7^1 *7^1) mod 13 = (7^1 mod 13 * 7^1 mod 13) mod 13
We can substitute our previous result for 7^1 mod 13 into this equation.
7^2 mod 13 = (7 *7) mod 13 = 49 mod 13 = 10
7^2 mod 13 = 10
7^4 mod 13 = (7^2 *7^2) mod 13 = (7^2 mod 13 * 7^2 mod 13) mod 13
We can substitute our previous result for 7^2 mod 13 into this equation.
7^4 mod 13 = (10 * 10) mod 13 = 100 mod 13 = 9
7^4 mod 13 = 9
7^8 mod 13 = (7^4 * 7^4) mod 13 = (7^4 mod 13 * 7^4 mod 13) mod 13
We can substitute our previous result for 7^4 mod 13 into this equation.
7^8 mod 13 = (9 * 9) mod 13 = 81 mod 13 = 3
7^8 mod 13 = 3

We continue in this manner, substituting previous results into our equations.


...after 5 iterations we hit:
7^256 mod 13 = (7^128 * 7^128) mod 13 = (7^128 mod 13 * 7^128 mod 13) mod 13
7^256 mod 13 = (3 * 3) mod 13 = 9 mod 13 = 9
7^256 mod 13 = 9
This has given us a method to calculate A^B mod C quickly provided that B is a power of 2.
However, we also need a method for fast modular exponentiation when B is not a power of
2.

How can we calculate A^B mod C quickly for any B ?

Step 1: Divide B into powers of 2 by writing it in binary

Start at the rightmost digit, let k=0 and for each digit:

If the digit is 1, we need a part for 2^k, otherwise we do not

Add 1 to k, and move left to the next digit

Step 2: Calculate mod C of the powers of two ≤ B


5^1 mod 19 = 5
5^2 mod 19 = (5^1 * 5^1) mod 19 = (5^1 mod 19 * 5^1 mod 19) mod 19
5^2 mod 19 = (5 * 5) mod 19 = 25 mod 19
5^2 mod 19 = 6
5^4 mod 19 = (5^2 * 5^2) mod 19 = (5^2 mod 19 * 5^2 mod 19) mod 19
5^4 mod 19 = (6 * 6) mod 19 = 36 mod 19
5^4 mod 19 = 17

5^8 mod 19 = (5^4 * 5^4) mod 19 = (5^4 mod 19 * 5^4 mod 19) mod 19
5^8 mod 19 = (17 * 17) mod 19 = 289 mod 19
5^8 mod 19 = 4
5^16 mod 19 = (5^8 * 5^8) mod 19 = (5^8 mod 19 * 5^8 mod 19) mod 19
5^16 mod 19 = (4 * 4) mod 19 = 16 mod 19
5^16 mod 19 = 16
5^32 mod 19 = (5^16 * 5^16) mod 19 = (5^16 mod 19 * 5^16 mod 19) mod 19
5^32 mod 19 = (16 * 16) mod 19 = 256 mod 19
5^32 mod 19 = 9
5^64 mod 19 = (5^32 * 5^32) mod 19 = (5^32 mod 19 * 5^32 mod 19) mod 19
5^64 mod 19 = (9 * 9) mod 19 = 81 mod 19
5^64 mod 19 = 5
Step 3: Use modular multiplication properties to combine the calculated
mod C values
5^117 mod 19 = ( 5^1 * 5^4 * 5^16 * 5^32 * 5^64) mod 19
5^117 mod 19 = ( 5^1 mod 19 * 5^4 mod 19 * 5^16 mod 19 * 5^32 mod 19 * 5^64 mod
19) mod 19
5^117 mod 19 = ( 5 * 17 * 16 * 9 * 5 ) mod 19
5^117 mod 19 = 61200 mod 19 = 1
5^117 mod 19 = 1

Notes:
More optimization techniques exist, but are outside the scope of this article. It should be
noted that when we perform modular exponentiation in cryptography, it is not unusual to use
exponents B of more than 1000 bits.
(a - b) mod p = ((a mod p - b mod p) + p) mod p
(a / b) mod p = ((a mod p) * (b^(-1) mod p)) mod p

A hint: Try to use Fermat's Little Theorem:

a^(p-1) = 1 mod p
for p prime, and all a ∈ Z.
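
Steps 1 to 3 of the fast exponentiation method and the Fermat's Little Theorem hint for modular division, as one added Python example (not code from the original page; the function names are chosen here). `mod_div` assumes p is prime and b is not a multiple of p, so that b^(p-2) is the inverse of b.

```python
def powers_of_two_in(b):
    """Step 1: every k where binary digit k of b is 1 (rightmost digit is k=0)."""
    ks, k = [], 0
    while b > 0:
        if b & 1:
            ks.append(k)
        b >>= 1
        k += 1
    return ks


def squared_table(a, b, c):
    """Step 2: {2^k: a^(2^k) mod c} for every power of two <= b."""
    table, power, value = {}, 1, a % c
    while power <= b:
        table[power] = value
        value = (value * value) % c  # each entry is the previous entry squared
        power *= 2
    return table


def mod_pow(a, b, c):
    """Step 3: multiply the table entries selected by the binary digits of b."""
    table = squared_table(a, b, c)
    result = 1 % c
    for k in powers_of_two_in(b):
        result = (result * table[2 ** k]) % c  # reduce after each multiplication
    return result


def mod_div(a, b, p):
    """(a / b) mod p, using b^(p-2) mod p as the inverse of b (p prime)."""
    if b % p == 0:
        raise ZeroDivisionError("b is a multiple of p and has no inverse mod p")
    return ((a % p) * mod_pow(b, p - 2, p)) % p


if __name__ == "__main__":
    print(powers_of_two_in(117))       # binary digits of the page's exponent
    print(squared_table(5, 117, 19))   # the page's Step 2 table
    print(mod_pow(5, 117, 19), mod_pow(7, 256, 13))
    print(mod_div(2, 5, 19))
```

Python's built-in `pow(a, b, c)` computes the same value. The loop here does work only for the 1 digits of the exponent, so its running time depends on the exponent, which matters when the exponent is a secret key.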
